package com.love.cloud.auth.provider;


import com.love.cloud.common.core.exception.BusinessException;
import com.love.cloud.common.security.exception.MyAuthenticationException;
import com.love.cloud.common.security.service.MyUser;
import com.love.cloud.common.security.token.PhoneOpenCodeAuthenticationToken;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;

/**
 * 手机加openId登陆
 * @author hongdongqu
 */
public class PhoneOpenCodeAuthenticationProvider extends MyAbstractUserDetailsAuthenticationProvider {

    private UserDetailsService userDetailsService;
    private static final PasswordEncoder ENCODER = new BCryptPasswordEncoder();

    @Override
    protected void additionalAuthenticationChecks(UserDetails var1, Authentication authentication) throws AuthenticationException {

        if(authentication.getCredentials() == null) {
            this.logger.debug("Authentication failed: no credentials provided");
            throw new BadCredentialsException(this.messages.getMessage("PhonePwdAuthenticationProvider.badCredentials", "Bad credentials"));
        } else {
            String phone= authentication.getPrincipal().toString();
            String openCode = authentication.getCredentials().toString();

            if (StringUtils.isEmpty(phone)) {
                throw new InvalidGrantException("手机号不能为空");
            }else if(StringUtils.isEmpty(openCode)){
                throw new InvalidGrantException("openId不能为空");
            }
            commonBusinessCheck(var1);
        }
    }

    @Override
    protected Authentication createSuccessAuthentication(Object principal, Authentication authentication, UserDetails user) {
        PhoneOpenCodeAuthenticationToken result = new PhoneOpenCodeAuthenticationToken(principal, authentication.getCredentials(), user.getAuthorities());
        result.setDetails(authentication.getDetails());
        return result;
    }

    @Override
    protected UserDetails retrieveUser(String phone, Authentication authentication) throws AuthenticationException {
        UserDetails loadedUser=null;
        try {
            loadedUser = this.getUserDetailsService().loadUserByUsername(phone);
        } catch (UsernameNotFoundException var6) {
            throw var6;
        }catch (BusinessException var8) {
            throw new MyAuthenticationException(var8.getMessage(), var8);
        } catch (Exception var7) {
            throw new InternalAuthenticationServiceException(var7.getMessage(), var7);
        }

        if(loadedUser == null) {
            throw new InternalAuthenticationServiceException("UserDetailsService returned null, which is an interface contract violation");
        } else {
            return loadedUser;
        }
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return PhoneOpenCodeAuthenticationToken.class.isAssignableFrom(authentication);
    }


    public UserDetailsService getUserDetailsService() {
        return userDetailsService;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }
}
